question: What is the key idea of aggregation in privacy protection at the server side? option 1: Using encryption to make individual devices' updates uninspected option 2: Adding noise to the uploaded parameters option 3: Hiding client's contribution during training option 4: Collecting data or model parameters from different clients option 5: Introducing hidden backdoor functionality into the joint global model 